System/Kernel


ps c:\> systeminfo ; Get-ComputerInfo
 
host name:                 ATOM
os name:                   Microsoft Windows 10 Pro
os version:                10.0.19042 N/A Build 19042
os manufacturer:           Microsoft Corporation
os configuration:          Standalone Workstation
os build type:             Multiprocessor Free
registered owner:          barry
registered organization:   
product id:                00330-80112-18556-AA358
original install date:     4/1/2021, 2:57:31 AM
system boot time:          1/8/2024, 6:12:26 PM
system manufacturer:       VMware, Inc.
system model:              VMware7,1
system type:               x64-based PC
processor(s):              1 Processor(s) Installed.
                           [01]: AMD64 Family 23 Model 49 Stepping 0 AuthenticAMD ~2994 Mhz
bios version:              VMware, Inc. VMW71.00V.16707776.B64.2008070230, 8/7/2020
windows directory:         C:\WINDOWS
system directory:          C:\WINDOWS\system32
boot device:               \Device\HarddiskVolume3
system locale:             en-us;English (United States)
input locale:              en-us;English (United States)
time zone:                 (UTC-08:00) Pacific Time (US & Canada)
total physical memory:     4,095 MB
available physical memory: 2,677 MB
virtual memory: Max Size:  5,503 MB
virtual memory: Available: 3,715 MB
virtual memory: In Use:    1,788 MB
page file location(s):     C:\pagefile.sys
domain:                    WORKGROUP
logon server:              \\ATOM
hotfix(s):                 9 Hotfix(s) Installed.
                           [01]: KB4601554
                           [02]: KB4562830
                           [03]: KB4570334
                           [04]: KB4577586
                           [05]: KB4580325
                           [06]: KB4586864
                           [07]: KB4589212
                           [08]: KB5000842
                           [09]: KB5000981
network card(s):           1 NIC(s) Installed.
                           [01]: vmxnet3 Ethernet Adapter
                                 connection name: Ethernet0
                                 dhcp enabled:    No
                                 IP address(es)
                                 [01]: 10.10.10.237
                                 [02]: fe80::a113:8872:d58a:1862
                                 [03]: dead:beef::c8c5:32a:bb32:10b9
                                 [04]: dead:beef::a113:8872:d58a:1862
hyper-v requirements:      A hypervisor has been detected. Features required for Hyper-V will not be displayed.
 
 
windowsbuildlabex                                       : 19041.1.amd64fre.vb_release.191206-1406
windowscurrentversion                                   : 6.3
windowseditionid                                        : Professional
windowsinstallationtype                                 : Client
windowsinstalldatefromregistry                          : 4/1/2021 10:57:31 AM
windowsproductid                                        : 00330-80112-18556-AA358
windowsproductname                                      : Windows 10 Pro
windowsregisteredorganization                           : 
windowsregisteredowner                                  : barry
windowssystemroot                                       : C:\WINDOWS
windowsversion                                          : 2009
bioscharacteristics                                     : {4, 7, 9, 11...}
biosbiosversion                                         : {INTEL  - 6040000, VMW71.00V.16707776.B64.2008070230, 
                                                          VMware, Inc. - 10000}
biosbuildnumber                                         : 
bioscaption                                             : VMW71.00V.16707776.B64.2008070230
biosdescription                                         : VMW71.00V.16707776.B64.2008070230
biosembeddedcontrollermajorversion                      : 255
biosembeddedcontrollerminorversion                      : 255
biosfirmwaretype                                        : Uefi
biosmanufacturer                                        : VMware, Inc.
biosname                                                : VMW71.00V.16707776.B64.2008070230
biosothertargetos                                       : 
biosprimarybios                                         : True
biosreleasedate                                         : 8/6/2020 5:00:00 PM
biosseralnumber                                         : VMware-42 39 a3 4d 75 6d ed 26-27 34 0a 5a 75 d3 20 06
biossmbiosbiosversion                                   : VMW71.00V.16707776.B64.2008070230
biossmbiosmajorversion                                  : 2
biossmbiosminorversion                                  : 7
biossmbiospresent                                       : True
biossoftwareelementstate                                : Running
biosstatus                                              : OK
biossystembiosmajorversion                              : 255
biossystembiosminorversion                              : 255
biostargetoperatingsystem                               : 0
biosversion                                             : INTEL  - 6040000
csadminpasswordstatus                                   : Enabled
csautomaticmanagedpagefile                              : True
csautomaticresetbootoption                              : True
csautomaticresetcapability                              : True
csbootoptiononlimit                                     : DoNotReboot
csbootoptiononwatchdog                                  : DoNotReboot
csbootromsupported                                      : True
csbootstatus                                            : {0, 0, 0, 33...}
csbootupstate                                           : Normal boot
cscaption                                               : ATOM
cschassisbootupstate                                    : Safe
cschassisskunumber                                      : 
cscurrenttimezone                                       : -480
csdaylightineffect                                      : False
csdescription                                           : AT/AT COMPATIBLE
csdnshostname                                           : ATOM
csdomain                                                : WORKGROUP
csdomainrole                                            : StandaloneWorkstation
csenabledaylightsavingstime                             : True
csfrontpanelresetstatus                                 : Unknown
cshypervisorpresent                                     : True
csinfraredsupported                                     : False
cskeyboardpasswordstatus                                : Unknown
csmanufacturer                                          : VMware, Inc.
csmodel                                                 : VMware7,1
csname                                                  : ATOM
csnetworkadapters                                       : {Ethernet0}
csnetworkservermodeenabled                              : True
csnumberoflogicalprocessors                             : 2
csnumberofprocessors                                    : 1
csprocessors                                            : {AMD EPYC 7302P 16-Core Processor               }
csoemstringarray                                        : {[MS_VM_CERT/SHA1/27d66596a61c48dd3dc7216fd715126e33f59ae7], 
                                                          Welcome to the Virtual Machine}
cspartofdomain                                          : False
cspauseafterreset                                       : 3932100000
cspcsystemtype                                          : Desktop
cspcsystemtypeex                                        : Desktop
cspoweronpasswordstatus                                 : Disabled
cspowerstate                                            : Unknown
cspowersupplystate                                      : Safe
csprimaryownername                                      : barry
csresetcapability                                       : Other
csresetcount                                            : -1
csresetlimit                                            : -1
csroles                                                 : {LM_Workstation, LM_Server, NT}
csstatus                                                : OK
cssystemtype                                            : x64-based PC
csthermalstate                                          : Safe
cstotalphysicalmemory                                   : 4293898240
csphyicallyinstalledmemory                              : 4194304
csusername                                              : ATOM\jason
cswakeuptype                                            : PowerSwitch
csworkgroup                                             : WORKGROUP
osname                                                  : Microsoft Windows 10 Pro
ostype                                                  : WINNT
osoperatingsystemsku                                    : 48
osversion                                               : 10.0.19042
oscsdversion                                            : 
osbuildnumber                                           : 19042
oshotfixes                                              : {KB4601554, KB4562830, KB4570334, KB4577586...}
osbootdevice                                            : \Device\HarddiskVolume3
ossystemdevice                                          : \Device\HarddiskVolume4
ossystemdirectory                                       : C:\WINDOWS\system32
ossystemdrive                                           : C:
oswindowsdirectory                                      : C:\WINDOWS
oscountrycode                                           : 1
oscurrenttimezone                                       : -480
oslocaleid                                              : 0409
oslocale                                                : en-US
oslocaldatetime                                         : 1/9/2024 4:18:10 AM
oslastbootuptime                                        : 1/8/2024 6:12:26 PM
osuptime                                                : 10:05:43.6346335
osbuildtype                                             : Multiprocessor Free
oscodeset                                               : 1252
osdataexecutionpreventionavailable                      : True
osdataexecutionprevention32bitapplications              : True
osdataexecutionpreventiondrivers                        : True
osdataexecutionpreventionsupportpolicy                  : OptIn
osdebug                                                 : False
osdistributed                                           : False
osencryptionlevel                                       : 256
osforegroundapplicationboost                            : Maximum
ostotalvisiblememorysize                                : 4193260
osfreephysicalmemory                                    : 2726340
ostotalvirtualmemorysize                                : 5635052
osfreevirtualmemory                                     : 3795592
osinusevirtualmemory                                    : 1839460
ostotalswapspacesize                                    : 
ossizestoredinpagingfiles                               : 1441792
osfreespaceinpagingfiles                                : 1441792
ospagingfiles                                           : {C:\pagefile.sys}
oshardwareabstractionlayer                              : 10.0.19041.906
osinstalldate                                           : 4/1/2021 3:57:31 AM
osmanufacturer                                          : Microsoft Corporation
osmaxnumberofprocesses                                  : 4294967295
osmaxprocessmemorysize                                  : 137438953344
osmuilanguages                                          : {en-US}
osnumberofprocesses                                     : 138
osnumberofusers                                         : 2
osarchitecture                                          : 64-bit
oslanguage                                              : en-US
osproductsuites                                         : {TerminalServicesSingleSession}
osportableoperatingsystem                               : False
osprimary                                               : True
osproducttype                                           : WorkStation
osregistereduser                                        : barry
osserialnumber                                          : 00330-80112-18556-AA358
osservicepackmajorversion                               : 0
osservicepackminorversion                               : 0
osstatus                                                : OK
ossuites                                                : {TerminalServices, TerminalServicesSingleSession}
keyboardlayout                                          : en-US
timezone                                                : (UTC-08:00) Pacific Time (US & Canada)
logonserver                                             : \\ATOM
powerplatformrole                                       : Desktop
hypervisorpresent                                       : True
deviceguardsmartstatus                                  : Off

Summary: ATOM | Microsoft Windows 10 Pro | 10.0.19042 N/A Build 19042 | code set 1252 | registered owner barry | x64-based PC | 1 Processor(s) | 9 Hotfix(s) | Desktop

Networks


PS C:\> ipconfig /All ; arp -a ; route print
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : ATOM
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Ethernet0:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : vmxnet3 Ethernet Adapter
   Physical Address. . . . . . . . . : 00-50-56-B9-65-13
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : dead:beef::a113:8872:d58a:1862(Preferred) 
   Temporary IPv6 Address. . . . . . : dead:beef::c8c5:32a:bb32:10b9(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::a113:8872:d58a:1862%6(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.10.10.237(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::250:56ff:feb9:6c92%6
                                       10.10.10.2
   DNS Servers . . . . . . . . . . . : 1.1.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Interface: 10.10.10.237 --- 0x6
  Internet Address      Physical Address      Type
  10.10.10.2            00-50-56-b9-6c-92     dynamic   
  10.10.10.255          ff-ff-ff-ff-ff-ff     static    
  224.0.0.22            01-00-5e-00-00-16     static    
  224.0.0.251           01-00-5e-00-00-fb     static    
  224.0.0.252           01-00-5e-00-00-fc     static    
  239.255.255.250       01-00-5e-7f-ff-fa     static    
===========================================================================
Interface List
  6...00 50 56 b9 65 13 ......vmxnet3 Ethernet Adapter
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0       10.10.10.2     10.10.10.237    271
       10.10.10.0    255.255.255.0         On-link      10.10.10.237    271
     10.10.10.237  255.255.255.255         On-link      10.10.10.237    271
     10.10.10.255  255.255.255.255         On-link      10.10.10.237    271
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link      10.10.10.237    271
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link      10.10.10.237    271
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0       10.10.10.2  Default 
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  6    271 ::/0                     fe80::250:56ff:feb9:6c92
  1    331 ::1/128                  On-link
  6    271 dead:beef::/64           On-link
  6    271 dead:beef::a113:8872:d58a:1862/128
                                    On-link
  6    271 dead:beef::c8c5:32a:bb32:10b9/128
                                    On-link
  6    271 fe80::/64                On-link
  6    271 fe80::a113:8872:d58a:1862/128
                                    On-link
  1    331 ff00::/8                 On-link
  6    271 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
 
PS C:\> netstat -ano | Select-String LIST
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       2540
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       924
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING       2540
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:5040           0.0.0.0:0              LISTENING       5608
  TCP    0.0.0.0:5985           0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:6379           0.0.0.0:0              LISTENING       7928
  TCP    0.0.0.0:8081           0.0.0.0:0              LISTENING       7768
  TCP    0.0.0.0:8082           0.0.0.0:0              LISTENING       7800
  TCP    0.0.0.0:8083           0.0.0.0:0              LISTENING       7864
  TCP    0.0.0.0:47001          0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:49664          0.0.0.0:0              LISTENING       684
  TCP    0.0.0.0:49665          0.0.0.0:0              LISTENING       540
  TCP    0.0.0.0:49666          0.0.0.0:0              LISTENING       1088
  TCP    0.0.0.0:49667          0.0.0.0:0              LISTENING       1692
  TCP    0.0.0.0:49668          0.0.0.0:0              LISTENING       2144
  TCP    0.0.0.0:49669          0.0.0.0:0              LISTENING       672
  TCP    10.10.10.237:139       0.0.0.0:0              LISTENING       4
  TCP    [::]:80                [::]:0                 LISTENING       2540
  TCP    [::]:135               [::]:0                 LISTENING       924
  TCP    [::]:443               [::]:0                 LISTENING       2540
  TCP    [::]:445               [::]:0                 LISTENING       4
  TCP    [::]:5985              [::]:0                 LISTENING       4
  TCP    [::]:6379              [::]:0                 LISTENING       7928
  TCP    [::]:47001             [::]:0                 LISTENING       4
  TCP    [::]:49664             [::]:0                 LISTENING       684
  TCP    [::]:49665             [::]:0                 LISTENING       540
  TCP    [::]:49666             [::]:0                 LISTENING       1088
  TCP    [::]:49667             [::]:0                 LISTENING       1692
  TCP    [::]:49668             [::]:0                 LISTENING       2144
  TCP    [::]:49669             [::]:0                 LISTENING       672

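Listeners of note (bound to all interfaces): 0.0.0.0:5040 (PID 5608), 0.0.0.0:8081 (PID 7768), 0.0.0.0:8082 (PID 7800), 0.0.0.0:8083 (PID 7864). In the tasklist output below, PID 5608 is svchost.exe (CDPSvc) and PIDs 7768, 7800 and 7864 are node.exe.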

Users & Groups


ps c:\> net user ; dir C:\Users
 
User accounts for \\ATOM
 
-------------------------------------------------------------------------------
Administrator            DefaultAccount           Guest                    
jason                    WDAGUtilityAccount       
The command completed successfully.
 
 
 
    directory: C:\Users
 
 
Mode                 LastWriteTime         Length Name                                                                 
----                 -------------         ------ ----                                                                 
d-----         4/13/2021   2:41 AM                Administrator                                                        
d-----         4/13/2021   2:35 AM                jason                                                                
d-r---          4/1/2021   4:49 AM                Public                                                               

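jason (the only non-built-in local account with a profile under C:\Users; also the logged-on user per csusername ATOM\jason)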

ps c:\> net localgroup
 
Aliases for \\ATOM
 
-------------------------------------------------------------------------------
*Access Control Assistance Operators
*Administrators
*Backup Operators
*Cryptographic Operators
*Distributed COM Users
*Event Log Readers
*Guests
*Hyper-V Administrators
*IIS_IUSRS
*Network Configuration Operators
*Performance Log Users
*Performance Monitor Users
*Power Users
*Remote Desktop Users
*Remote Management Users
*Replicator
*System Managed Accounts Group
*Users
The command completed successfully.

Processes


PS C:\> tasklist /svc
 
Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
Registry                        92 N/A                                         
smss.exe                       336 N/A                                         
csrss.exe                      424 N/A                                         
csrss.exe                      532 N/A                                         
wininit.exe                    540 N/A                                         
winlogon.exe                   596 N/A                                         
services.exe                   672 N/A                                         
lsass.exe                      684 KeyIso, SamSs, VaultSvc                     
svchost.exe                    800 BrokerInfrastructure, DcomLaunch, PlugPlay, 
                                   Power, SystemEventsBroker                   
fontdrvhost.exe                828 N/A                                         
fontdrvhost.exe                836 N/A                                         
svchost.exe                    924 RpcEptMapper, RpcSs                         
svchost.exe                    976 LSM                                         
dwm.exe                         64 N/A                                         
svchost.exe                    416 NcbService                                  
svchost.exe                    752 TimeBrokerSvc                               
svchost.exe                    824 CoreMessagingRegistrar                      
svchost.exe                   1088 EventLog                                    
svchost.exe                   1184 DispBrokerDesktopSvc                        
svchost.exe                   1204 SEMgrSvc                                    
svchost.exe                   1228 nsi                                         
vm3dservice.exe               1256 vm3dservice                                 
svchost.exe                   1328 Dhcp                                        
svchost.exe                   1384 ProfSvc                                     
svchost.exe                   1404 EventSystem                                 
svchost.exe                   1416 SysMain                                     
svchost.exe                   1452 Themes                                      
svchost.exe                   1604 NlaSvc                                      
Memory Compression            1640 N/A                                         
svchost.exe                   1652 SENS                                        
svchost.exe                   1692 Schedule                                    
svchost.exe                   1700 DsmSvc                                      
svchost.exe                   1716 FontCache                                   
svchost.exe                   1728 AudioEndpointBuilder                        
svchost.exe                   1904 Audiosrv                                    
svchost.exe                   1912 netprofm                                    
svchost.exe                   2012 Dnscache                                    
svchost.exe                   2028 DusmSvc                                     
svchost.exe                   2044 Wcmsvc                                      
svchost.exe                   1688 ShellHWDetection                            
spoolsv.exe                   2144 Spooler                                     
svchost.exe                   2196 WinHttpAutoProxySvc                         
svchost.exe                   2236 UserManager                                 
svchost.exe                   2268 BFE, mpssvc                                 
svchost.exe                   2292 LanmanWorkstation                           
httpd.exe                     2540 Apache2.4                                   
svchost.exe                   2548 CryptSvc                                    
svchost.exe                   2556 DiagTrack                                   
svchost.exe                   2568 DPS                                         
svchost.exe                   2608 Winmgmt                                     
svchost.exe                   2648 LanmanServer                                
svchost.exe                   2672 SstpSvc                                     
svchost.exe                   2716 TrkWks                                      
VGAuthService.exe             2732 VGAuthService                               
vmtoolsd.exe                  2740 VMTools                                     
svchost.exe                   2748 WpnService                                  
svchost.exe                   2824 iphlpsvc                                    
svchost.exe                   2876 WdiServiceHost                              
svchost.exe                   2956 RasMan                                      
httpd.exe                     3332 N/A                                         
dllhost.exe                   3376 COMSysApp                                   
svchost.exe                   3484 PolicyAgent                                 
WmiPrvSE.exe                  3664 N/A                                         
msdtc.exe                     4644 MSDTC                                       
svchost.exe                   4656 RmSvc                                       
svchost.exe                   4864 StorSvc                                     
svchost.exe                   5044 StateRepository                             
sihost.exe                    5144 N/A                                         
svchost.exe                   5188 CDPUserSvc_54b83                            
svchost.exe                   5224 WpnUserService_54b83                        
cmd.exe                       5288 N/A                                         
taskhostw.exe                 5336 N/A                                         
cmd.exe                       5344 N/A                                         
MicrosoftEdgeUpdate.exe       5352 N/A                                         
svchost.exe                   5368 TokenBroker                                 
svchost.exe                   5516 TabletInputService                          
ctfmon.exe                    5600 N/A                                         
svchost.exe                   5608 CDPSvc                                      
explorer.exe                  6012 N/A                                         
svchost.exe                   6112 cbdhsvc_54b83                               
conhost.exe                   5804 N/A                                         
conhost.exe                   5476 N/A                                         
conhost.exe                   5436 N/A                                         
StartMenuExperienceHost.e     6272 N/A                                         
RuntimeBroker.exe             6388 N/A                                         
svchost.exe                   6464 BITS                                        
svchost.exe                   6524 SSDPSRV                                     
SearchApp.exe                 6576 N/A                                         
SearchIndexer.exe             6604 WSearch                                     
RuntimeBroker.exe             6704 N/A                                         
RuntimeBroker.exe             5800 N/A                                         
cmd.exe                       7188 N/A                                         
vm3dservice.exe               7308 N/A                                         
vmtoolsd.exe                  7336 N/A                                         
svchost.exe                   7360 WinRM                                       
cmd.exe                       7624 N/A                                         
cmd.exe                       7720 N/A                                         
node.exe                      7768 N/A                                         
node.exe                      7800 N/A                                         
node.exe                      7864 N/A                                         
redis-server.exe              7928 Redis                                       
dllhost.exe                   7612 N/A                                         
svchost.exe                   5544 lmhosts                                     
ApplicationFrameHost.exe      3344 N/A                                         
svchost.exe                   4988 LicenseManager                              
WinStore.App.exe              8460 N/A                                         
RuntimeBroker.exe             8548 N/A                                         
YourPhone.exe                 9124 N/A                                         
RuntimeBroker.exe             4508 N/A                                         
SgrmBroker.exe                6128 SgrmBroker                                  
svchost.exe                   6176 UsoSvc                                      
svchost.exe                   2252 wscsvc                                      
svchost.exe                   5176 OneSyncSvc_54b83                            
svchost.exe                    436 InstallService                              
SecurityHealthService.exe     1944 SecurityHealthService                       
UserOOBEBroker.exe            7712 N/A                                         
svchost.exe                   1572 WaaSMedicSvc                                
ShellExperienceHost.exe       1476 N/A                                         
RuntimeBroker.exe             7684 N/A                                         
svchost.exe                   1264 WbioSrvc                                    
svchost.exe                   2708 PcaSvc                                      
svchost.exe                   1280 WdiSystemHost                               
u'pdate.exe                   5320 N/A                                         
cmd.exe                       3008 N/A                                         
conhost.exe                   8584 N/A                                         
powershell.exe                4760 N/A                                         
svchost.exe                   2640 wlidsvc                                     
svchost.exe                   8032 ClipSVC                                     
PING.EXE                      8212 N/A                                         
PING.EXE                      6756 N/A                                         
tasklist.exe                  8912 N/A                                         

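Processes/services of note: Spooler (spoolsv.exe, PID 2144); node.exe (PIDs 7768, 7800, 7864); redis-server.exe (PID 7928, service Redis); WinStore.App.exe; YourPhone.exe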

Tasks


ps c:\> Get-ScheduledTask | where {$_.TaskPath -notlike "\Microsoft*" } | ft TaskName,TaskPath,State
 
TaskName        TaskPath   State
--------        --------   -----
SoftwareUpdates \        Running
UpdateServer    \          Ready

Scheduled tasks outside \Microsoft*: SoftwareUpdates (Running), UpdateServer (Ready)

Firewall & AV


PS C:\> netsh firewall show config
 
Domain profile configuration:
-------------------------------------------------------------------
Operational mode                  = Enable
Exception mode                    = Enable
Multicast/broadcast response mode = Enable
Notification mode                 = Enable
 
Allowed programs configuration for Domain profile:
Mode     Traffic direction    Name / Program
-------------------------------------------------------------------
 
Port configuration for Domain profile:
Port   Protocol  Mode    Traffic direction     Name
-------------------------------------------------------------------
 
Standard profile configuration (current):
-------------------------------------------------------------------
Operational mode                  = Enable
Exception mode                    = Enable
Multicast/broadcast response mode = Enable
Notification mode                 = Enable
 
Service configuration for Standard profile:
Mode     Customized  Name
-------------------------------------------------------------------
Enable   No          File and Printer Sharing
Enable   No          Network Discovery
 
Allowed programs configuration for Standard profile:
Mode     Traffic direction    Name / Program
-------------------------------------------------------------------
Disable  Inbound              redis-server / C:\redis\redis-server.exe
Enable   Inbound              redis-server.exe / C:\users\jason\downloads\redis-2.4.5-win32-win64\64bit\redis-server.exe
Disable  Inbound              Node.js: Server-side JavaScript / C:\program files\nodejs\node.exe
 
Port configuration for Standard profile:
Port   Protocol  Mode    Traffic direction     Name
-------------------------------------------------------------------
 
Log configuration:
-------------------------------------------------------------------
File location   = C:\WINDOWS\system32\LogFiles\Firewall\pfirewall.log
Max file size   = 4096 KB
Dropped packets = Disable
Connections     = Disable
 
IMPORTANT: Command executed successfully.
However, "netsh firewall" is deprecated;
use "netsh advfirewall firewall" instead.
For more information on using "netsh advfirewall firewall" commands
instead of "netsh firewall", see KB article 947709
at https://go.microsoft.com/fwlink/?linkid=121488 .

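FW is enabled on the Standard (current) profile, with exceptions: File and Printer Sharing and Network Discovery are enabled, and the only enabled inbound allowed-program rule is redis-server.exe / C:\users\jason\downloads\redis-2.4.5-win32-win64\64bit\redis-server.exe (a binary under a user's Downloads folder rather than an installed location). Firewall logging of dropped packets and connections is disabled.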

PS C:\> Get-MpComputerStatus ; Get-MpPreference | Select-Object -Property ExclusionPath
 
 
AMEngineVersion                 : 0.0.0.0
AMProductVersion                : 4.18.2102.4
AMRunningMode                   : Not running
AMServiceEnabled                : False
AMServiceVersion                : 0.0.0.0
AntispywareEnabled              : False
AntispywareSignatureAge         : 4294967295
AntispywareSignatureLastUpdated : 
AntispywareSignatureVersion     : 0.0.0.0
AntivirusEnabled                : False
AntivirusSignatureAge           : 4294967295
AntivirusSignatureLastUpdated   : 
AntivirusSignatureVersion       : 0.0.0.0
BehaviorMonitorEnabled          : False
ComputerID                      : C87F1B71-9978-4714-82D4-142599713877
ComputerState                   : 0
FullScanAge                     : 4294967295
FullScanEndTime                 : 
FullScanStartTime               : 
IoavProtectionEnabled           : False
IsTamperProtected               : False
IsVirtualMachine                : True
LastFullScanSource              : 0
LastQuickScanSource             : 0
NISEnabled                      : False
NISEngineVersion                : 0.0.0.0
NISSignatureAge                 : 4294967295
NISSignatureLastUpdated         : 
NISSignatureVersion             : 0.0.0.0
OnAccessProtectionEnabled       : False
QuickScanAge                    : 4294967295
QuickScanEndTime                : 
QuickScanStartTime              : 
RealTimeProtectionEnabled       : False
RealTimeScanDirection           : 0
TamperProtectionSource          : Signatures
PSComputerName                  : 
 
ExclusionPath : {N/A: Must be admin to view exclusions}

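AV is disabled: Microsoft Defender reports AMRunningMode "Not running", and AMServiceEnabled, RealTimeProtectionEnabled, BehaviorMonitorEnabled and IsTamperProtected are all False. This output covers Defender only and does not rule out a third-party product; ExclusionPath could not be read without admin rights.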

Session Architecture


ps c:\> [Environment]::Is64BitProcess
True

Installed .NET Frameworks


PS C:\> cmd /c dir /A:D C:\Windows\Microsoft.NET\Framework ; cmd /c reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP" ; cmd /c reg query "HKLM\SOFTWARE\Microsoft\Net Framework Setup\NDP" /s
 Volume in drive C has no label.
 Volume Serial Number is 9793-C2E6
 
 Directory of C:\Windows\Microsoft.NET\Framework
 
04/01/2021  03:48 AM    <DIR>          .
04/01/2021  03:48 AM    <DIR>          ..
04/01/2021  03:50 AM    <DIR>          v1.0.3705
04/01/2021  03:50 AM    <DIR>          v1.1.4322
12/07/2019  01:14 AM    <DIR>          v2.0.50727
04/09/2021  04:05 AM    <DIR>          v4.0.30319
               0 File(s)              0 bytes
               6 Dir(s)   5,389,807,616 bytes free
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\CDF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4.0
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\CDF\v4.0
    HttpNamespaceReservationInstalled    REG_DWORD    0x1
    NetTcpPortSharingInstalled    REG_DWORD    0x1
    NonHttpActivationInstalled    REG_DWORD    0x1
    SMSvcHostPath    REG_SZ    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
    WMIInstalled    REG_DWORD    0x1
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client
    CBS    REG_DWORD    0x1
    Install    REG_DWORD    0x1
    InstallPath    REG_SZ    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
    Release    REG_DWORD    0x80ff4
    Servicing    REG_DWORD    0x0
    TargetVersion    REG_SZ    4.0.0
    Version    REG_SZ    4.8.04084
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client\1033
    CBS    REG_DWORD    0x1
    Install    REG_DWORD    0x1
    Release    REG_DWORD    0x80ff4
    Servicing    REG_DWORD    0x0
    TargetVersion    REG_SZ    4.0.0
    Version    REG_SZ    4.8.04084
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full
    CBS    REG_DWORD    0x1
    Install    REG_DWORD    0x1
    InstallPath    REG_SZ    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\
    Release    REG_DWORD    0x80ff4
    Servicing    REG_DWORD    0x0
    TargetVersion    REG_SZ    4.0.0
    Version    REG_SZ    4.8.04084
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Full\1033
    CBS    REG_DWORD    0x1
    Install    REG_DWORD    0x1
    Release    REG_DWORD    0x80ff4
    Servicing    REG_DWORD    0x0
    TargetVersion    REG_SZ    4.0.0
    Version    REG_SZ    4.8.04084
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0
    (Default)    REG_SZ    deprecated
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4.0\Client
    Install    REG_DWORD    0x1
    Version    REG_SZ    4.0.0.0

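.NET Framework 4.8.04084 (v4 Client and Full, Release 0x80ff4). Only the CDF, v4 and v4.0 keys appear under NDP, although the Framework directory also contains v1.0.3705, v1.1.4322 and v2.0.50727 folders.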